Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33383a3a2f34382d3438203d3e20323135333735.roa
File: 326131313a323963303a33383a3a2f34382d3438203d3e20323135333735.roa (raw, json)
Hash identifier: kQnmLPvnOf94wRYQ3dvwT3FiJ/tF0kGBTwItXMjYa08=
Subject key identifier: F9:70:D1:0F:A2:A3:88:99:BC:B2:A2:17:BE:7A:70:F4:88:0A:43:0D
Certificate issuer: /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial: 64A2EF307D1D2097B43F0542FE0FFBAFAE69E15E
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33383a3a2f34382d3438203d3e20323135333735.roa
Signing time: Tue 04 Feb 2025 12:01:40 +0000
ROA not before: Tue 04 Feb 2025 11:56:40 +0000
ROA not after: Tue 03 Feb 2026 12:01:40 +0000
asID: 215375
IP address blocks: 2a11:29c0:38::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:a2:ef:30:7d:1d:20:97:b4:3f:05:42:fe:0f:fb:af:ae:69:e1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
Validity
Not Before: Feb 4 11:56:40 2025 GMT
Not After : Feb 3 12:01:40 2026 GMT
Subject: CN=F970D10FA2A38899BCB2A217BE7A70F4880A430D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:47:8a:81:88:7c:0f:bb:e6:c4:2b:30:29:c0:
09:76:93:f1:23:af:a2:02:74:55:5c:23:65:8c:b7:
fc:a2:80:ba:7c:89:d6:af:05:b2:7e:12:ca:c8:f8:
af:05:d3:c7:ca:d8:76:a0:21:04:17:94:cb:61:b2:
2b:a2:2d:2c:b1:06:d6:93:2e:a8:ba:4b:b1:40:a4:
27:ec:aa:69:f1:f3:68:cb:e8:74:5e:ff:d1:51:de:
96:f7:c3:64:7d:28:69:26:03:34:f9:70:ee:dc:98:
10:d2:54:72:20:a6:91:6c:7b:aa:3a:0b:af:00:75:
b0:d7:9e:c1:2d:14:f4:67:94:3d:23:bb:bf:3b:7f:
2b:29:c2:9c:6f:18:fb:d0:f9:81:b3:b6:ef:d2:13:
3e:5a:f2:72:8c:e6:d2:28:82:c5:53:bd:43:93:0a:
9c:58:6d:d6:6e:77:fd:63:d6:f8:d7:1e:93:4a:81:
4c:17:67:f7:c9:cf:09:24:dc:b0:2a:67:ea:cc:34:
e3:ee:85:96:cd:f9:bd:7f:64:59:31:a4:0c:0f:df:
2d:eb:84:62:1c:ec:19:4e:bb:3a:f5:0e:f3:77:7e:
94:e1:c5:24:0b:0e:dc:55:4b:aa:66:e8:77:2a:33:
dc:a9:02:0b:cb:71:53:fd:fd:71:86:5d:40:95:b3:
e6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:70:D1:0F:A2:A3:88:99:BC:B2:A2:17:BE:7A:70:F4:88:0A:43:0D
X509v3 Authority Key Identifier:
keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33383a3a2f34382d3438203d3e20323135333735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:38::/48
Signature Algorithm: sha256WithRSAEncryption
7c:30:71:aa:70:b2:26:35:ce:8b:7c:62:04:8c:56:9f:6a:f3:
23:9a:39:f3:d3:b2:10:fe:6c:1f:21:53:b7:27:e8:77:0e:08:
58:04:77:02:45:4c:e0:61:67:94:86:77:bc:6d:e0:26:92:d1:
f2:ea:ea:52:f4:63:5b:bb:b7:b9:dc:89:c1:90:71:7c:d2:79:
2d:b1:a8:64:83:70:0e:f5:3b:2f:06:8c:1d:ec:9a:ba:93:b5:
c6:d0:aa:c9:df:d5:a2:f6:76:91:5d:09:67:aa:68:78:16:ff:
8f:bc:43:e9:91:ab:e8:d0:e4:e0:c3:ca:9c:91:54:32:c2:84:
c9:99:8b:d6:d1:8f:61:e1:1d:f7:56:d3:2c:fb:7f:f9:55:2b:
a6:55:68:ee:19:f8:4a:ee:c1:70:9b:6e:2a:3a:76:09:2a:7c:
0c:45:63:6f:bb:06:31:b3:f4:1a:6e:01:17:d5:33:2a:7a:d1:
cb:49:6b:67:67:03:0f:bd:0d:4d:63:13:f8:9e:d0:e5:6b:e0:
39:34:e0:9b:68:5b:da:38:28:08:ee:e1:69:9e:da:d4:4c:ab:
99:f9:bc:25:03:ee:c1:83:8a:f3:26:f2:c6:7f:94:4a:3e:c0:
40:66:fd:a1:f8:88:0a:67:99:94:8a:9b:1a:7f:aa:30:ba:4e:
c8:65:54:0c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUZKLvMH0dIJe0PwVC/g/7r65p4V4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNTAyMDQxMTU2NDBaFw0yNjAyMDMxMjAxNDBaMDMxMTAvBgNV
BAMTKEY5NzBEMTBGQTJBMzg4OTlCQ0IyQTIxN0JFN0E3MEY0ODgwQTQzMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaR4qBiHwPu+bEKzApwAl2k/Ej
r6ICdFVcI2WMt/yigLp8idavBbJ+EsrI+K8F08fK2HagIQQXlMthsiuiLSyxBtaT
Lqi6S7FApCfsqmnx82jL6HRe/9FR3pb3w2R9KGkmAzT5cO7cmBDSVHIgppFse6o6
C68AdbDXnsEtFPRnlD0ju787fyspwpxvGPvQ+YGztu/SEz5a8nKM5tIogsVTvUOT
CpxYbdZud/1j1vjXHpNKgUwXZ/fJzwkk3LAqZ+rMNOPuhZbN+b1/ZFkxpAwP3y3r
hGIc7BlOuzr1DvN3fpThxSQLDtxVS6pm6HcqM9ypAgvLcVP9/XGGXUCVs+YHAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU+XDRD6KjiJm8sqIXvnpw9IgKQw0wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzMzNzM1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAA4MA0GCSqGSIb3DQEBCwUAA4IBAQB8MHGqcLImNc6LfGIEjFaf
avMjmjnz07IQ/mwfIVO3J+h3DghYBHcCRUzgYWeUhne8beAmktHy6upS9GNbu7e5
3InBkHF80nktsahkg3AO9TsvBowd7Jq6k7XG0KrJ39Wi9naRXQlnqmh4Fv+PvEPp
kavo0OTgw8qckVQywoTJmYvW0Y9h4R33VtMs+3/5VSumVWjuGfhK7sFwm24qOnYJ
KnwMRWNvuwYxs/QabgEX1TMqetHLSWtnZwMPvQ1NYxP4ntDla+A5NOCbaFvaOCgI
7uFpntrUTKuZ+bwlA+7Bg4rzJvLGf5RKPsBAZv2h+IgKZ5mUipsaf6owuk7IZVQM
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:31:54 2025 by rpki-client